For most of us who have real IT jobs, the DST update was a pain. The article is about how an online nuisance to us has caused a real-world nuisance to this kid.
There can be a reason for them to do that. If they want to arrive to a crime in progress silently, they will only draw attention to themselves when crossing intersections on red lights (to prevent accidents).
If 'Easter Bunny' has reached the list of offensiveness to some people, then I think some people are too easily offended.
Rejoice in the fact that your holidays haven't been sponsored by a white rabbit who clucks like a chicken (apologies to insensitive clod joker whose god is a white rabbit that sounds like a chicken).
I did a study checking the mortality rate of parents vs the mortality rate of their kids. I found that in all cases that one or more of the parents died, their offspring also eventually died. It has led me to believe that death is indeed a hereditary trait.
Sorry for mis-counting the start menu. I'm so used to hot-key access to it that I never think about it.
The car analogy isn't very good. We're talking about cost to access a feature, not cost to drive from A to B. The IP address is something that only the mechanic normally needs to know about (yes, I know there are other cases (games, etc.)), so its more like having a car with the oil stick in a further back spot.
I'm not sure if "time to find the IP address" is all that critical a metric. Does anybody have GUI equivalents for Linux or Mac OS to test and get similar click counts?
I don't run vista, so i had to use google to find the graphical instructions (click count is mine):
1. On the Start Menu, right-click on Network and click Properties (2 clicks)
2. A Network and Sharing Center window will open. Click View status to the right of Local Area Connection. (1 click)
3. In the new Local Area Connection Status window that opens, click Details. Your IP Address will be listed among the other connection details. (1 click)
(that would be 4 clicks)
In XP, you can right click on your network icon, click "status", then click the "support" tab to see your IP address (that would be 3 clicks). I'm surprised there's no network icon in the system tray in vista.
I wouldn't say that 1 extra click is "much less efficient".
We are considering upgrading to a firewall system with high-availability capabilities. Astaro is on the top of our list right now. Its Linux based and is reasonably priced considering the features. I believe they have a "home" edition that you can install on your own machine and use for a limited network for demonstration purposes. Maybe somebody else has used it here and could provide better commenting.
We currently have some old Watchguard fireboxes which have mostly worked well, minus a lockup incident which we believe was related to a dead fan.
DNS currently points to the valid servers. SPF permits a site to declare their valid outbound email servers by adding a entry on their name server. How would your protocol be any different?
SPF is a good way to assist anti-spam programs. If configured at its strongest level (outbound mail for given domain MUST come from specified IP addresses), and if the receiving server has appropriate filtering software, the fake emails are immediately tossed. The problem is that many sites and systems do not implement it.
If we made a new protocol, why would it be implemented over other available solutions?
Open source or not is irrelevant to the problem. We're talking about authentication, not code philosophy. If it makes you feel better, then I will agree that it should be open source.
Now that anybody can use it, I want to know who decides what is valid mail on your new system. If nobody decides, then what prevents a spammer from declaring themselves trustworthy and continuing to spam as normal? Security can be in an open structure. I'm asking what is your idea for that structure?
Your reply uses 'authority of record' and 'authorized sender'. I'm asking who is doing this authentication. If you're saying that the domain declares itself trustworthy, then you're talking about SPF, which is already supported by many anti-spam applications.
You need to think more negatively and attack your own solution in order to improve it.
So how about the 'why should we trust the xyz financial consortium' checkbox? Who is allowed into this consortium? How about somebody who sells viagra online, do they get into it? Will you be happy if Microsoft is part of the group who decides who is allowed to send financial-based communications?
How about the client? Are we going to do some base authentication? Who will hold those servers, and why are they trustworthy? How much will it cost to maintain or buy a license (ie, SSL certificates cost money)?
Who will write this client and why should we trust that person/group with sensitive information? If its not email based, will the addresses still be user@domain formatted? If a person holds a normal email address, do they have the right to the financial equivalent address?
Its nice to say 'lets go write a new secure client', but if you can't even pass a simple checklist, it isn't going to go very far.
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses ( ) Mailing lists and other legitimate email uses would be affected ( ) No one will be able to find the guy or collect the money ( ) It is defenseless against brute force attacks ( ) It will stop spam for two weeks and then we'll be stuck with it ( ) Users of email will not put up with it ( ) Microsoft will not put up with it ( ) The police will not put up with it ( ) Requires too much cooperation from spammers ( ) Requires immediate total cooperation from everybody at once ( ) Many email users cannot afford to lose business or alienate potential employers ( ) Spammers don't care about invalid addresses in their lists ( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it ( ) Lack of centrally controlling authority for email ( ) Open relays in foreign countries ( ) Ease of searching tiny alphanumeric address space of all email addresses ( ) Asshats ( ) Jurisdictional problems ( ) Unpopularity of weird new taxes ( ) Public reluctance to accept weird new forms of money (x) Huge existing software investment in SMTP (x) Susceptibility of protocols other than SMTP to attack ( ) Willingness of users to install OS patches received by email ( ) Armies of worm riddled broadband-connected Windows boxes ( ) Eternal arms race involved in all filtering approaches ( ) Extreme profitability of spam ( ) Joe jobs and/or identity theft ( ) Technically illiterate politicians ( ) Extreme stupidity on the part of people who do business with spammers ( ) Dishonesty on the part of spammers themselves ( ) Bandwidth costs that are unaffected by client filtering ( ) Outlook
and the following philosophical objections may also apply:
( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical ( ) Any scheme based on opt-out is unacceptable ( ) SMTP headers should not be the subject of legislation ( ) Blacklists suck ( ) Whitelists suck ( ) We should be able to talk about Viagra without being censored ( ) Countermeasures should not involve wire fraud or credit card fraud ( ) Countermeasures should not involve sabotage of public networks ( ) Countermeasures must work if phased in gradually ( ) Sending email should be free (x) Why should we have to trust you and your servers? ( ) Incompatiblity with open source or open source licenses ( ) Feel-good measures do nothing to solve the problem ( ) Temporary/one-time email addresses are cumbersome ( ) I don't want the government reading my email ( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(x) Sorry dude, but I don't think it would work. ( ) This is a stupid idea, and you're a stupid person for suggesting it. ( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
it's far faster and more responsive to discuss things like this with like-minded people (and/or employees) on a mailing list or forum than wait for a meaningless answer from some dumb witted twit who doesn't understand the software he's been cajoled into providing support for.
If you lose the spin placed by you and Abrams, you both said "Open source has forum-based support, and Microsoft has phone based support". Which is faster: a mailing list where somebody will volunteer an answer where they have time, or somebody on a phone who is going to stay on that phone until you get an answer? (Note: there are MS support forums as well).
I had a problem with exchange and had to use a MS support call. I had the solution within the hour. On the support line i was on, you talk to people who know about those components. I had a related problem but closer to a programming support problem, and they pulled somebody else into the call to advise as well.
Time logged in does not necessary equal time worked. People have meetings, reboot computers, work on paper, etc. What happens if somebody forgets to log off?
For those who are not foaming-at-the-mouth anarchists and/or libertarians, the parent post is sarcastically referencing the money wasted on the Iraq war.
watching 'care bears' for an extended period of time will make you a more caring and sensitive person.
Any time i see the 'video games made me do it' excuse, I think that the appropriate sentence should be forced to watch 'Barney' for an entire month. Since the person is so easily influenced, this should work perfectly for rehabilitation.
Slashdot Mirror
I didn't say it was hard, i said it was a nuisance. If is wasn't a nuisance, why were there so many slashdot articles on it ?
They read the caller ID. That's the WHOLE BASIS of the article. The issue was the time on the caller ID was an hour wrong!
For most of us who have real IT jobs, the DST update was a pain. The article is about how an online nuisance to us has caused a real-world nuisance to this kid.
I disagree. I believe this kid could flip my burgers or pump my gas anytime. He's earned it.
There can be a reason for them to do that. If they want to arrive to a crime in progress silently, they will only draw attention to themselves when crossing intersections on red lights (to prevent accidents).
Do not permit gates to pack a gigantic "laser" to the moon. You may also want to prevent him from taking a shark to mount it.
No, its the comment ... of doom ... in space!
I would rather insert actual satellite phone rates. Iridium is a satellite network provider. Their phone airtime rates can be found here
Looks like the cost is about $1.29 / minute. I don't know what kind of phones they might use, but a basic phone costs about $1500 according to here
If 'Easter Bunny' has reached the list of offensiveness to some people, then I think some people are too easily offended.
Rejoice in the fact that your holidays haven't been sponsored by a white rabbit who clucks like a chicken (apologies to insensitive clod joker whose god is a white rabbit that sounds like a chicken).
I did a study checking the mortality rate of parents vs the mortality rate of their kids. I found that in all cases that one or more of the parents died, their offspring also eventually died. It has led me to believe that death is indeed a hereditary trait.
Sorry for mis-counting the start menu. I'm so used to hot-key access to it that I never think about it.
The car analogy isn't very good. We're talking about cost to access a feature, not cost to drive from A to B. The IP address is something that only the mechanic normally needs to know about (yes, I know there are other cases (games, etc.)), so its more like having a car with the oil stick in a further back spot.
I'm not sure if "time to find the IP address" is all that critical a metric. Does anybody have GUI equivalents for Linux or Mac OS to test and get similar click counts?
I don't run vista, so i had to use google to find the graphical instructions (click count is mine):
1. On the Start Menu, right-click on Network and click Properties (2 clicks)
2. A Network and Sharing Center window will open. Click View status to the right of Local Area Connection. (1 click)
3. In the new Local Area Connection Status window that opens, click Details. Your IP Address will be listed among the other connection details. (1 click)
(that would be 4 clicks)
In XP, you can right click on your network icon, click "status", then click the "support" tab to see your IP address (that would be 3 clicks). I'm surprised there's no network icon in the system tray in vista.
I wouldn't say that 1 extra click is "much less efficient".
How about the spamhaus.org incident? Should a single country's laws be allowed to lock-out a foreign company's ability to be present on the Internet?
We are considering upgrading to a firewall system with high-availability capabilities. Astaro is on the top of our list right now. Its Linux based and is reasonably priced considering the features. I believe they have a "home" edition that you can install on your own machine and use for a limited network for demonstration purposes. Maybe somebody else has used it here and could provide better commenting.
We currently have some old Watchguard fireboxes which have mostly worked well, minus a lockup incident which we believe was related to a dead fan.
Actually, i think you have to cite it, not copyright it.
i d=18534579"
Coward, Anonymous (2007): First Post. Slashdot.org. Retrieved March 29, 2006 from "http://yro.slashdot.org/comments.pl?sid=228657&c
DNS currently points to the valid servers. SPF permits a site to declare their valid outbound email servers by adding a entry on their name server. How would your protocol be any different?
SPF is a good way to assist anti-spam programs. If configured at its strongest level (outbound mail for given domain MUST come from specified IP addresses), and if the receiving server has appropriate filtering software, the fake emails are immediately tossed. The problem is that many sites and systems do not implement it.
If we made a new protocol, why would it be implemented over other available solutions?
Of cheap, fast, and good, you can only have 2 of them.
Open source or not is irrelevant to the problem. We're talking about authentication, not code philosophy. If it makes you feel better, then I will agree that it should be open source.
Now that anybody can use it, I want to know who decides what is valid mail on your new system. If nobody decides, then what prevents a spammer from declaring themselves trustworthy and continuing to spam as normal? Security can be in an open structure. I'm asking what is your idea for that structure?
Your reply uses 'authority of record' and 'authorized sender'. I'm asking who is doing this authentication. If you're saying that the domain declares itself trustworthy, then you're talking about SPF, which is already supported by many anti-spam applications.
You need to think more negatively and attack your own solution in order to improve it.
So how about the 'why should we trust the xyz financial consortium' checkbox? Who is allowed into this consortium? How about somebody who sells viagra online, do they get into it? Will you be happy if Microsoft is part of the group who decides who is allowed to send financial-based communications?
How about the client? Are we going to do some base authentication? Who will hold those servers, and why are they trustworthy? How much will it cost to maintain or buy a license (ie, SSL certificates cost money)?
Who will write this client and why should we trust that person/group with sensitive information? If its not email based, will the addresses still be user@domain formatted? If a person holds a normal email address, do they have the right to the financial equivalent address?
Its nice to say 'lets go write a new secure client', but if you can't even pass a simple checklist, it isn't going to go very far.
Your post advocates a
( ) technical ( ) legislative (x) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(x) Huge existing software investment in SMTP
(x) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
( ) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
(x) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(x) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!
I had a problem with exchange and had to use a MS support call. I had the solution within the hour. On the support line i was on, you talk to people who know about those components. I had a related problem but closer to a programming support problem, and they pulled somebody else into the call to advise as well.
Time logged in does not necessary equal time worked. People have meetings, reboot computers, work on paper, etc. What happens if somebody forgets to log off?
For those who are not foaming-at-the-mouth anarchists and/or libertarians, the parent post is sarcastically referencing the money wasted on the Iraq war.
... if somebody would please take their dragon and keep it outside where it belongs!
watching 'care bears' for an extended period of time will make you a more caring and sensitive person.
Any time i see the 'video games made me do it' excuse, I think that the appropriate sentence should be forced to watch 'Barney' for an entire month. Since the person is so easily influenced, this should work perfectly for rehabilitation.